I am trying to implement service to service security into spring boot services using spring oauth2. I want a service to access a secured resource of another service without any user action involved.
我正在尝试使用spring oauth2实现服务安全性到spring引导服务。我希望服务能够访问另一个服务的安全资源,而不涉及任何用户操作。
There are a lot of examples for authorization code grant type, but not very much about the client credentials grant type, which seems to be the right one for this use case.
有很多授权代码授予类型的例子,但不是很多关于客户端凭证的类型,这似乎是这个用例的正确选项。
I can set up the auth server and use a curl request to get a token. The tests I found used Http Objects to check status codes.
我可以设置auth服务器并使用curl请求来获取令牌。我发现的测试使用Http对象来检查状态码。
How can I use the client credentials grant type in a java client with RestTemplate and spring oauth2?
如何在具有RestTemplate和spring oauth2的java客户端中使用客户端凭证授权类型?
I would think it must be as simple as adding a dependency, an annotation and a config file, yet I can't make it run.
我认为它必须像添加依赖项、注释和配置文件一样简单,但是我不能让它运行。
1 个解决方案
#1
0
Its quit simple.
放弃也很简单。
- Create a Config Class whitch is annotated with @Configutration
- 创建配置类whitch用@Configutration注释。
- In this Class create a Bean Of type OAuth2ProtectedResourceDetails (interface) and create a ClientCredentialsResourceDetails Object in that method. Add your values to it and return it.
- 在这个类中,创建一个OAuth2ProtectedResourceDetails(接口)的Bean,并在该方法中创建一个ClientCredentialsResourceDetails对象。将您的值添加到它并返回它。
- Create a second Bean of type OAuth2RestTemplate in the Configuration Class and create in that method a DefaultOAuth2ClientContext object with the default Constructor. Than create a OAuth2RestTemplate and add the OAuth2ProtectedResourceDetails bean and the DefaultOAuth2ClientContext object to it. Subsequently return the OAuth2RestTemplate Object.
- 在Configuration类中创建一个OAuth2RestTemplate类型的第二个Bean,并在该方法中创建一个带有默认构造函数的DefaultOAuth2ClientContext对象。创建OAuth2RestTemplate并添加OAuth2ProtectedResourceDetails bean和DefaultOAuth2ClientContext对象。随后返回OAuth2RestTemplate对象。
- Add it with @Autowired in your Controller Classes and Service implementations to use it.
- 在您的控制器类和服务实现中添加@Autowired来使用它。
#1
0
Its quit simple.
放弃也很简单。
- Create a Config Class whitch is annotated with @Configutration
- 创建配置类whitch用@Configutration注释。
- In this Class create a Bean Of type OAuth2ProtectedResourceDetails (interface) and create a ClientCredentialsResourceDetails Object in that method. Add your values to it and return it.
- 在这个类中,创建一个OAuth2ProtectedResourceDetails(接口)的Bean,并在该方法中创建一个ClientCredentialsResourceDetails对象。将您的值添加到它并返回它。
- Create a second Bean of type OAuth2RestTemplate in the Configuration Class and create in that method a DefaultOAuth2ClientContext object with the default Constructor. Than create a OAuth2RestTemplate and add the OAuth2ProtectedResourceDetails bean and the DefaultOAuth2ClientContext object to it. Subsequently return the OAuth2RestTemplate Object.
- 在Configuration类中创建一个OAuth2RestTemplate类型的第二个Bean,并在该方法中创建一个带有默认构造函数的DefaultOAuth2ClientContext对象。创建OAuth2RestTemplate并添加OAuth2ProtectedResourceDetails bean和DefaultOAuth2ClientContext对象。随后返回OAuth2RestTemplate对象。
- Add it with @Autowired in your Controller Classes and Service implementations to use it.
- 在您的控制器类和服务实现中添加@Autowired来使用它。